Class OpenSign

java.lang.Object
cloud.opencode.base.crypto.OpenSign
public final class OpenSign extends Object
Digital signature facade for signing and verification - Provides convenient API for various signature algorithms 数字签名门面类 - 为各种签名算法提供便捷的 API

Features | 主要功能:

  • EdDSA signing (Ed25519, Ed448) - EdDSA 签名(Ed25519、Ed448)
  • ECDSA signing (P-256, P-384, P-521) - ECDSA 签名(P-256、P-384、P-521)
  • RSA and RSA-PSS signing - RSA 和 RSA-PSS 签名
  • SM2 signing (Chinese national standard) - SM2 签名(中国国密标准)
  • Hex and Base64 output encoding - 十六进制和 Base64 输出编码

Usage Examples | 使用示例:

OpenSign signer = OpenSign.ed25519();
KeyPair keyPair = signer.generateKeyPair();
signer.setKeyPair(keyPair);
byte[] signature = signer.sign("message");
boolean valid = signer.verify("message", signature);

Security | 安全性:

  • Thread-safe: No - 线程安全: 否
  • Null-safe: Yes - 空值安全: 是
Since:
JDK 25, opencode-base-crypto V1.0.0
Author:
Leon Soo www.LeonSoo.com
See Also:

  • Method Details

    • ed25519

      public static OpenSign ed25519()
      Create Ed25519 signer (recommended) 创建 Ed25519 签名器(推荐)
      Returns:
      OpenSign instance

    • ed448

      public static OpenSign ed448()
      Create Ed448 signer 创建 Ed448 签名器
      Returns:
      OpenSign instance

    • ecdsaP256

      public static OpenSign ecdsaP256()
      Create ECDSA P-256 signer 创建 ECDSA P-256 签名器
      Returns:
      OpenSign instance

    • ecdsaP384

      public static OpenSign ecdsaP384()
      Create ECDSA P-384 signer 创建 ECDSA P-384 签名器
      Returns:
      OpenSign instance

    • ecdsaP521

      public static OpenSign ecdsaP521()
      Create ECDSA P-521 signer 创建 ECDSA P-521 签名器
      Returns:
      OpenSign instance

    • sha256WithRsa

      public static OpenSign sha256WithRsa()
      Create RSA-SHA256 signer 创建 RSA-SHA256 签名器
      Returns:
      OpenSign instance

    • sha384WithRsa

      public static OpenSign sha384WithRsa()
      Create RSA-SHA384 signer 创建 RSA-SHA384 签名器
      Returns:
      OpenSign instance

    • sha512WithRsa

      public static OpenSign sha512WithRsa()
      Create RSA-SHA512 signer 创建 RSA-SHA512 签名器
      Returns:
      OpenSign instance

    • rsaPss

      public static OpenSign rsaPss()
      Create RSA-PSS signer 创建 RSA-PSS 签名器
      Returns:
      OpenSign instance

    • rsaPssSha384

      public static OpenSign rsaPssSha384()
      Create RSA-PSS-SHA384 signer 创建 RSA-PSS-SHA384 签名器
      Returns:
      OpenSign instance

    • rsaPssSha512

      public static OpenSign rsaPssSha512()
      Create RSA-PSS-SHA512 signer 创建 RSA-PSS-SHA512 签名器
      Returns:
      OpenSign instance

    • sm2

      public static OpenSign sm2()
      Create SM2 signer (requires Bouncy Castle) 创建 SM2 签名器(需要 Bouncy Castle)
      Returns:
      OpenSign instance

    • of

      public static OpenSign of(SignatureAlgorithm algorithm)
      Create signer by algorithm enum 根据算法枚举创建签名器
      Parameters:
      algorithm - signature algorithm
      Returns:
      OpenSign instance

    • setPrivateKey

      public OpenSign setPrivateKey(PrivateKey privateKey)
      Set private key for signing 设置签名私钥
      Parameters:
      privateKey - private key
      Returns:
      this instance for chaining

    • setPublicKey

      public OpenSign setPublicKey(PublicKey publicKey)
      Set public key for verification 设置验签公钥
      Parameters:
      publicKey - public key
      Returns:
      this instance for chaining

    • setKeyPair

      public OpenSign setKeyPair(KeyPair keyPair)
      Set key pair for signing and verification 设置签名和验签的密钥对
      Parameters:
      keyPair - key pair
      Returns:
      this instance for chaining

    • sign

      public byte[] sign(byte[] data)
      Sign data 签名数据
      Parameters:
      data - data to sign
      Returns:
      signature bytes

    • sign

      public byte[] sign(String data)
      Sign string (UTF-8) 签名字符串(UTF-8)
      Parameters:
      data - string to sign
      Returns:
      signature bytes

    • signHex

      public String signHex(byte[] data)
      Sign data and return as hex string 签名并返回十六进制字符串
      Parameters:
      data - data to sign
      Returns:
      hex signature

    • signHex

      public String signHex(String data)
      Sign string and return as hex string 签名字符串并返回十六进制字符串
      Parameters:
      data - string to sign
      Returns:
      hex signature

    • signBase64

      public String signBase64(byte[] data)
      Sign data and return as Base64 string 签名并返回 Base64 字符串
      Parameters:
      data - data to sign
      Returns:
      Base64 signature

    • signBase64

      public String signBase64(String data)
      Sign string and return as Base64 string 签名字符串并返回 Base64 字符串
      Parameters:
      data - string to sign
      Returns:
      Base64 signature

    • verify

      public boolean verify(byte[] data, byte[] signature)
      Verify signature 验证签名
      Parameters:
      data - original data
      signature - signature bytes
      Returns:
      true if valid

    • verify

      public boolean verify(String data, byte[] signature)
      Verify signature of string 验证字符串签名
      Parameters:
      data - original string
      signature - signature bytes
      Returns:
      true if valid

    • verifyHex

      public boolean verifyHex(byte[] data, String signatureHex)
      Verify hex-encoded signature 验证十六进制编码的签名
      Parameters:
      data - original data
      signatureHex - hex-encoded signature
      Returns:
      true if valid

    • verifyHex

      public boolean verifyHex(String data, String signatureHex)
      Verify hex-encoded signature of string 验证字符串的十六进制编码签名
      Parameters:
      data - original string
      signatureHex - hex-encoded signature
      Returns:
      true if valid

    • verifyBase64

      public boolean verifyBase64(byte[] data, String signatureBase64)
      Verify Base64-encoded signature 验证 Base64 编码的签名
      Parameters:
      data - original data
      signatureBase64 - Base64-encoded signature
      Returns:
      true if valid

    • verifyBase64

      public boolean verifyBase64(String data, String signatureBase64)
      Verify Base64-encoded signature of string 验证字符串的 Base64 编码签名
      Parameters:
      data - original string
      signatureBase64 - Base64-encoded signature
      Returns:
      true if valid

    • generateKeyPair

      public KeyPair generateKeyPair()
      Generate key pair for this algorithm 生成此算法的密钥对
      Returns:
      generated key pair

    • withGeneratedKeyPair

      public OpenSign withGeneratedKeyPair()
      Generate key pair and set it 生成密钥对并设置
      Returns:
      this instance for chaining

    • getAlgorithm

      public String getAlgorithm()
      Get algorithm name 获取算法名称
      Returns:
      algorithm name